SLSA – Supply-chain Levels For Software Artifacts
SLSA (pronounced "salsa") is security framework from source to service, giving anyone working with software a common language for increasing...
SLSA (pronounced "salsa") is security framework from source to service, giving anyone working with software a common language for increasing...
PowerShell toolkit for auditing Active Directory Certificate Services (AD CS). It is built on top of PKISolution's PSPKI toolkit (Microsoft...
Passive DNS collection and monitoring built with Golang, Clickhouse and Grafana: dnsmonster implements a packet sniffer for DNS traffic. It...
Go scripts for finding an API key / some keywords in repository Update V1.0.1Removing some checkers Adding example file contains...
Create fake certs for binaries using windows binaries and the power of bat files Over the years, several cool tools...
Process Dump is a Windows reverse-engineering command-line tool to dump malware memory components back to disk for analysis. Often malware...
keimpx is an open source tool, released under the Apache License 2.0. It can be used to quickly check for...
SQLancer (Synthesized Query Lancer) is a tool to automatically test Database Management Systems (DBMS) in order to find logic bugs...
XLMMacroDeobfuscator can be used to decode obfuscated XLM macros (also known as Excel 4.0 macros). It utilizes an internal XLM...
An educational exploitation framework shipped on a modular and highly extensible multi-tasking and multi-processing architecture. Brutus: an IntroductionLooking for version...
This tool gives developers, researchers and companies the ability to analyze software packages of different programming languages that are being...
Search for public profile information on FacebookInstallation# clone the repo$ git clone https://github.com/Godofcoffe/FisherMan# change the working directory to FisherMan$ cd...
REW-sploitThe tool has been presented at Black-Hat Arsenal USA 2021 https://www.blackhat.com/us-21/arsenal/schedule/index.html#rew-sploit-dissecting-metasploit-attacks-24086 Slides of presentation are available at https://github.com/REW-sploit/REW-sploit_docs Need help...
Allstar is a GitHub App installed on organizations or repositories to set and enforce security policies. Its goal is to...
jsleak is a tool to identify sensitive data in JS files through regex patterns. Although it's built for this, you...
AuraBorealis is a web application for visualizing anomalous and potentially malicious code in Python package registries. It uses security audit...
Intel SGX protects isolated application logic and sensitive data inside an enclave with hardware-based memory encryption. To use such hardware-based...
A statically-linked ssh server with a reverse connection feature for simple yet powerful remote access. Most useful during HackTheBox challenges,...
PickleC2 is a post-exploitation and lateral movements framework. DocumentationReadTheDocs OverviewPickleC2 is a simple C2 framework written in python3 used to...
Grab cam shots from target's phone front camera or PC webcam just sending a link. What is CamPhish?CamPhish is techniques...
This is a framework designed to test authentication for web applications. While web proxies like ZAProxy and Burpsuite allow authenticated...
This tool allows: To check whether a subdomain can be taken over because it has: a dangling CNAME pointing to...
An advanced PHP backdoor management tool, with a lightweight server footprint, multi-threaded communication, and an advanced payload generation and obfuscation...
NinjaDroid is a simple tool to reverse engineering Android APK packages. Published at: https://snapcraft.io/ninjadroid $ snap install ninjadroid --channel=betaOverviewNinjaDroid uses...